Trending Projects

Ncrack is a high-speed network authentication tool used for cracking authentication credentials across a network.

A program to reverse Docker images into Dockerfiles, useful for security researchers and developers.

A C++ tool for bypassing security products by obscuring the intentions of a process.

An open-source Go library that uncovers unexpected SSH server exposures and vulnerabilities.

This repository is a comprehensive book focused on penetration testing and the ATTCK framework, not a developer discovery platform for vibe coders.

A collection of CTF (Capture The Flag) tools for cryptography, web security, and more.

This Python project allows stealing Net-NTLM hashes using a vulnerable PDF document, used for security research.

This is a Python script for monitoring and crawling the Chinese Darknet, not a developer discovery platform.

Autorize is an extension for Burp Suite that automates authorization enforcement detection to ease security testing.

A Python library for parsing Cobalt Strike beacon data, useful for security analysis and incident response.

A Ruby tool for embedding XXE/XML exploits into different filetypes for security research.

Examples demonstrating how to implement AWS security patterns using CloudFormation and Terraform.

A collection of handy bookmarks for penetration testing and security research.

A Python tool for sending phishing messages and attachments to Microsoft Teams users.

A Go-based port of Wappalyzer that automates mass scanning to uncover technologies used on websites.

Automated JavaScript recon tool for bug bounty hunters and security researchers.

A Python tool that can be used to brute-force and enumerate subdomains for security scanning and vulnerability discovery.

A simple C++ tool to encrypt and hide files inside images using Least-Significant-Bit encoding.

Ladon 911 for Cobalt Strike & Cracked Download, a large network penetration scanner with various security tools

Quietly and anonymously bruteforce Active Directory usernames at insane speeds from Domain Controllers.

A webshell management tool for Godzilla that helps bypass traffic detection devices.

A C++ tool that can terminate all EDR/XDR/AVs processes, potentially used for security research.

This repository contains information and resources related to IT security that developers may find useful.

Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning.

Attify OS is a Linux distro for penetration testing and exploiting IoT devices.

Hackazon is a modern vulnerable web app for security research and training purposes.

This is a collection of commonly used commands for penetration testing, not a developer tool.

A Go-based shellcode encryptor and obfuscator tool for penetration testing and red team activities.

Simple Swift wrapper for Keychain that works across iOS, watchOS, tvOS and macOS.

This Python library provides a dictionary for brute-force attacks, a common technique used in cybersecurity.

This is an archived repository that provides a web crawler and search engine for the now-defunct Wooyun security vulnerability database.

A tool to find secrets and sensitive information in code repositories across GitHub, GitLab, and Bitbucket.

A Chrome extension and Express server that exploits keylogging abilities of CSS.

An open-source project focused on protecting user privacy and security against mass surveillance.

Open-source RASP (Runtime Application Self-Protection) solution for improving application security.

This is a toolkit for penetration testing and security research, not a developer platform focused on vibe coders.

YARA signature database for threat detection, malware analysis, and security scanning

Curated cheatsheets & command snippets for penetration testing and security research

A collection of cheatsheets for tools related to pentesting organizations that leverage cloud providers.

A Go-based CLI tool to generate temporary phone numbers for bypassing SMS verification.

A comprehensive guide to Secure Shell (SSH) tunneling, port redirection, and network traffic manipulation for security professionals.

A Python tool for mapping and tracking WiFi networks and devices without being connected to them.

This repository provides a comprehensive cheat sheet for common Active Directory enumeration and exploitation techniques.

The Python Cryptography Toolkit provides a set of cryptographic primitives and utilities for developers.

A Java security audit plugin that helps developers find security vulnerabilities in web and Android apps.

This is a Firefox extension that demonstrates HTTP session hijacking attacks, not a vibe coder tool.

A Swiss Army knife for automated web application testing, written in Go, useful for bug bounty hunters and security professionals.

A collection of hacker tools written in Go, useful for security researchers and penetration testers.

A Python library for remotely extracting credentials from the Windows Local Security Authority Subsystem Service (lsass).

A sensitive information leakage scanner for GitHub that helps developers monitor for and secure exposed data.